@version: 4.1
@include "scl.conf"

# syslog-ng configuration file.
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#
# Note: It also sources additional configuration files (*.conf)
#       located in /etc/syslog-ng/conf.d/.

#
# Options
#
options {
    # Create destination directories if missing.
    create_dirs(yes);

    # The default action of syslog-ng is to log a MARK line to the file every
    # 20 minutes. That's seems high for most people so turn it down to once an
    # hour. Set it to zero if you don't want the functionality at all.
    mark_freq(3600);

    # The default action of syslog-ng is to log a STATS line to the file every
    # 10 minutes. That's pretty ugly after a while. Change it to every 12 hours
    # so you get a nice daily update of how many messages syslog-ng missed (0).
    stats(freq(43200));

    # Time to wait before a died connection is re-established (default is 60).
    time_reopen(5);

    # Disable DNS usage.
    # syslog-ng blocks on DNS queries, so enabling DNS may lead to a DoS attack.
    use_dns(no);
    dns_cache(no);

    # Default owner, group, and permissions for log files.
    owner(root);
    group(adm);
    perm(0640);

    # Default permissions for created directories.
    dir_perm(0755);
};


#
# Templates
#

template t_file {
    template("${YEAR}-${MONTH}-${DAY} ${HOUR}:${MIN}:${SEC} ${LEVEL} ${MSGHDR}${MSG}\n");
};


#
# Sources
#

source s_sys {
    # Standard system log source.
    system();

    # Messages generated by syslog-ng.
    internal();
};


#
# Destinations
#

destination d_auth { file("/var/log/auth.log" template(t_file)); };
destination d_boot { file("/var/log/boot.log" template(t_file)); };
destination d_cron { file("/var/log/cron.log" template(t_file)); };
destination d_kern { file("/var/log/kern.log" template(t_file)); };
destination d_mail { file("/var/log/mail.log" template(t_file) flush_lines(10)); };
destination d_mesg { file("/var/log/messages" template(t_file)); };

# Send messages to console of everyone logged in.
destination d_cons_all { usertty("*"); };

# Send message to the root's console.
destination d_cons_root { usertty("root"); };


#
# Filters
#

filter f_auth { facility(auth, authpriv); };
filter f_boot { facility(local7); };
filter f_cron { facility(cron); };
filter f_emerg { level(emerg); };
filter f_kern { facility(kern); };
filter f_mail { facility(mail); };

filter f_default {
    level(info..emerg)
    and not (facility(auth)
        or facility(authpriv)
        or facility(cron)
        or facility(kern)
        or facility(mail));
};


#
# Logs
#

log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
log { source(s_sys); filter(f_emerg); destination(d_cons_root); };
log { source(s_sys); filter(f_kern); destination(d_kern); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_default); destination(d_mesg); };

# Source additional configuration files (.conf extension only)
@include "/etc/syslog-ng/conf.d/*.conf"
